I think the AHA has overreached in its bid to slow down patient access to data, which I’ll examine later in this article. But to me, the most poignant aspect of the AHA letter is its careful accumulation of data to show the huge gap between what health care calls for and what hospitals, vendors, standards bodies, and even the government are capable of providing.

Two AHA staff were generous enough to talk to me on very short notice and offer some clarifications that I’ll include with the article.

A survey of the U.S. health care system

According to the AHA (translated into my own rather harsh words), the state of health IT in American hospitals is as follows:

Few hospitals and doctors can fulfill basic requirements of health care quality and cost control. For instance, 62% could not record basic patient health indicators such as weight and blood pressure (page 51 of their report) in electronic health records (EHRs).

Many EHR vendors can’t support the meaningful use criteria in real-life settings, even when their systems were officially certified to do so. I’ll cite some statements from the AHA report later in the article. Meaningful use is a big package of reforms, of course, promulgated over just a few years, but it’s also difficult because vendors and hospitals had also been heading for a long time in the opposite direction: toward closed, limited functionality.

Doctors still record huge globs of patient data in unstructured text format, where they are unavailable for quality reporting, tracking clinical effectiveness, etc. Data is often unstructured because humans are complex and their symptoms don’t fit into easy categories. Yet doctors have learned to make diagnoses for purposes of payment and other requirements; we need to learn what other forms of information are worth formalizing for the sake of better public health.

Quality reporting is a mess. The measures currently being reported are unreliable, and standards have not been put in place to allow valid comparisons of measures from different hospitals.

Government hasn’t stepped up to the plate to perform its role in supporting electronic reporting. For instance, the Centers for Medicare & Medicaid Services (CMS) wants the hospitals to report lots of quality measures, but its own electronic reporting system is still in the testing stages, so hospitals must enter data through a cumbersome and error-prone manual “attestation.” States aren’t ready to accept electronic submissions either. The Direct project is moving along, but its contribution to health data exchange is still very new.

There’s no easy place to assign blame for a system that is killing hundreds of thousands of people a year while sticking the US public with rising costs. The AHA letter constantly assures us that they approve the meaningful use objectives , but say their implementation in a foreseeable time frame is unfeasible. “We can envision a time when all automated quality reporting will occur effortlessly in a reliable and valid fashion. However, we are not there yet.” (pp. 42-43)

So the AHA message petition to the CMS can be summarized overall as, “Slow everything down, but keep the payments coming.”

AHA staff referred to the extensively researched article, A Progress Report On Electronic Health Records In U.S. Hospitals. It corroborates observations that adoption of EHRs has vastly increased between 2010 and 2011. However, the capabilities of the EHRs and hospitals using them have not kept up with meaningful use requirements, particularly among small rural hospitals with few opportunities to hire sophisticated computer technicians, etc. Some small hospitals have trouble even getting an EHR vendor to talk to them.

Why all this matters

Before looking at some details, let me lay out some of the reasons that meaningful use criteria are so important to patients and the general public:

After treatment, data must be transferred quickly to patients and the next organizations treating them (such as rehab centers and visiting nurses) so that the patients receive proper care.

Quality measures are critical so that hospitals can be exposed to sunshine, the best disinfectant, and be shamed into lowering costs and reducing errors.

Data must be collected by public agencies so that data crunchers can find improvements in outreach and treatment. Hospitals love to keep their data private, but that gives them relatively tiny samples on which to base decisions, and they often lack the skills to analyze the data.

No one can predict what will break logjams and propel health care forward, but the patient engagement seems crucial because most health care problems in developed countries involve lifestyle issues such as smoking and body weight. Next, to provide the kind of instant, pervasive patient engagement that can produce change, we need electronic records that are open to innovative apps, that can accept data from the patient-centered medical home, and that link together all care-givers.

The state of electronic health records

The EHR industry does not come out well in the AHA list of woes. The letter cites “unworkable, but certified, vendor products” (p.3) and say, “Current experience is marked by limited vendor and workforce capacity.” (p. 7) The latter complaint points to one of the big hurdles facing health care reform: we don’t have enough staff who understand computer systems and who can adapt their behavior to use them effectively.

Functionality falls far short of real hospital needs:

…one hospital system spent more than $1 million on a quality reporting tool from its vendor that was, for the most part, an unwieldy data entry screen. Even medication orders placed using CPOE [computerized physician order entry] needed to be manually re-entered for the CQM [Center For Quality Management] calculation. Even then, the data were not reliable, despite seven months of working with the vendor to attempt to get it right. Thus, after tremendous investment of financial and human resources, the data are not useful. (p. 45)

The AHA claims that vendors were lax in testing their systems, and that the government abetted the omission: “the proposals within the certification regulation require vendors to incorporate all of the data elements needed to calculate only one CQM. There is no proposal to require that certified EHRs be capable of generating all of the relevant CQMs proposed/finalized by CMS.” (p. 41) With perhaps a subtle sarcasm, the AHA proposes, “CMS should not require providers to report more e-measures than vendors are required to generate.” (p. 36)

Vendors kind of take it on the chin for fundamental failures in electronic capabilities. “AHA survey data indicate that only 10 percent of hospitals had a patient portal of any kind in Fall 2011. Our members report that none had anywhere near the functionality required by this objective. In canvassing vendors, they report no technology companies can currently support this volume of data or the listed functions.” (p. 26)

…in Stage 1, some vendors were able to dictate which clinical quality measures providers chose to report–not based on the priorities of the provider, but based on the capabilities of the system. Subsequently, market forces corrected this and vendors have gone on to develop more capabilities. But this anecdote provides an important lesson when segmenting certification criteria–indeed for most technologies in general–flexibility for users necessitates consistent and robust standards for developers. In short, the 2014 Edition must require more of the vendor community if providers are to have space to pursue meaningful use of Meaningful Use. (p. 2)

Better standards–which take time to develop–could improve the situation, which is why the Office of the National Coordinator (ONC) has set up a Health IT Standards Committee. For instance, the AHA says, “we have discovered that vendors needed to program many decisions into EHRs that were not included in the e-specifications. Not only has this resulted in rampant inconsistencies between different vendors, it produced inconsistent measure results when the e-measures are compared to their counterparts in the Inpatient Quality Reporting (IQR) Program.” (p. 35)

The AHA goes so far as to say, “The market cannot sustain this level of chaos.” (p. 7) They conclude that the government is pushing too hard. One of their claims, though, comes across as eccentric: “Providers and vendors agree that the meaningful use program has stifled innovation in the development of new uses of EHRs.” (p. 9)

To me, all the evidence points in the opposite direction. The vendors were happy for decades to push systems that performed minimal record-keeping and modest support such as formularies at huge costs, and the hospitals that adopted EHRs failed to ask for more. It wasn’t a case of market failure because, as I have pointed out (and others have too), health care is not a market. But nothing would have changed had not the government stepped in.

Patient empowerment

Now for the point that has received the most press, AHA’s request to weaken the rules giving patients access to their data. Once again, the AHA claims to favor patient access–and actually, they have helped hospitals over the years to give patients summaries of care, mostly on paper–but are passing on the evidence they have accumulated from their members that the systems will not be in place to support electronic distribution for some time. I won’t repeat all the criticisms of the experts mentioned at the beginning of this article, but provide some perspective about patient engagement.

Let’s start with the AHA’s request to let the hospital can choose the format for patient data (pp. 25-26). So long as hospitals can do that, we will be left with formats that are not interoperable. Many hospitals will choose formats that are human-readable but not machine-readable, so that correlations and useful data cannot be extracted programmatically. Perhaps the technology lags in this area–but if the records are not in structured format already, hospitals themselves lose critical opportunities to check for errors, mine data for trends, and perform other useful tasks with their records.

The AHA raises alarms at the difficulties of providing data. They claim that for each patient who is treated, the hospital will have to invest resources “determining which records are relevant and appropriate.” (p. 26) “It is also unclear whether a hospital would be expected to spend resources to post information and verify that all of the data listed are available within 36 hours.” (p. 27)

From my perspective, the patient download provisions would simply require hospitals to clean up their ways of recording data so that it is in a useable and structured format for all, including their own staff. Just evaluate what the AHA is admitting to in the following passage: “Transferring these clinical observations into a structured, coded problem list in the EHR requires significant changes to work flows and training to ensure accuracy. It also increases time demands for documentation by physicians who already are stretched thin.” (p. 27)

People used to getting instant information from commercial web sites find it very hard to justify even the 36-hour delay offered by the Stage 2 meaningful use guidelines. Amazon.com can provide me with information on all my current and recent orders. Google offers each registered user a dashboard that shows me everything they track about me, including all my web searches going back to mid-2006. They probably do this to assure people that they are not the egregious privacy violators they are regularly accused of being. Nevertheless, it shows that sites collecting data can make it available to users without friction, and with adequate security to manage privacy risks.

The AHA staff made a good point in talking to me. The CMS “transmit” requirement would let a patient ask the hospital to send his records to any institution or individual of his choice. First of all, this would assume that the recipient has encrypted email or access to an encrypted web site. And it could be hard for a hospital to make sure both the requester and the intended recipient are who they claim to be. “The transmit function also heightens security risks, as the hospital could be asked to send data to an individual with whom it has no existing relationship and no mechanism for authentication of their identity.” (p. 27) Countering this claim, Gropper and the Society for Participatory Medicine offer the open OAuth standard to give patients easy and secure access. But while OAuth is a fairly stable standard, the AHA’s concerns are justified because it hasn’t been applied yet to the health care field.

Unfortunately, allowing a patient to send his or her data to a third party is central to Accountable Care Organizations (ACOs), which hold the promise of improving patient care by sharing data among cooperating health care providers. If the “transmit” provision is delayed, I don’t see how ACOs can take off.

The AHA drastically reduces the information hospitals would have to give patients, at least for the next stage of the requirements. Among the material they would remove are diagnoses, the reason for hospitalization, providers of care during hospitalization, vital signs at discharge, laboratory test results, the care transition summary and plan for next provider of care, and discharge instructions for patient. (p. 27) All this vastly reduces the value of data for increasing quality care. For instance, removing lab test results will lead to expensive and redundant retesting. (However, the AHA staff told me they support the ability of patients to get results directly from the labs.)

Update, May 20: The difficulties cited by the AHA should be evaluated
in the context of the innovative companies, described
in my posting one week later, that offer patients access to health
records.

I’ll conclude this section with the interesting observation that the CHIME comments on meaningful use I mentioned earlier say nothing about the patient engagement rules. In other words, the hospital CIOs in CHIME don’t back up the hospitals’ own claims.

Some reasonable AHA objections

Now I’m happy to turn to AHA proposals that leave fewer impediments to the achievement of better health care. Their 49-page letter (plus appendices) details many aspects of Stage 2 that seem unnecessarily burdensome or of questionable value.

It seems reasonable to me to ask the ONC, “Remove measures that make the performance of hospitals and EPs contingent on the actions of others.” (p. 2) For instance, to engage in successful exchanges of patient data, hospitals depend on their partners (labs, nursing homes, other hospitals) to have Stage 2 capabilities, and given the slow rate of adoption, such partners could be really hard to find.

The same goes for patient downloads. Not only do hospitals have to permit patients to get access to data over the Internet, but they have to get 10% of the patients to actually do it. I don’t think the tools are in place yet for patients to make good use of the data. When data is available, apps for processing the data will flood the market and patients will gradually understand the data’s value, but right now there are few reasons to download it: perhaps to give it to a relative who is caring for the patient or to a health provider who doesn’t have the technical means to request the data directly. Such uses may allow hospitals to reach the 10% required by the Stage 2 rule, but why make them responsible?

The AHA documents a growing digital divide among hospitals and other health care providers. “Rural, smaller and nonteaching hospitals have fewer financial and technical resources at their disposal. They also are starting from a lower base of adoption.” (p. 59) The open source community needs to step up here. There are plenty of free software solutions to choose from, but small providers can’t use them unless they become as easy to set up and configure as MySQL or even LibreOffice.

The AHA is talking from deep experience when it questions whether patients will actually be able to make use of medical images. “Images are generally very large files, and would require that the individual downloading or receiving the file have specialized, expensive software to access the images. The effort required to make the images available would be tremendous.” (p. 26) We must remember that parts of our country don’t even have high-speed Internet access.

The AHA’s detailed comments about CMS penalties for the slow adoption of EHRs (pp. 9-18) also seem to reflect the hard realities out in the field.

But their attitude toward HIPAA is unclear. They point out that Congress required meaningful use to “take into account the requirements of HIPAA privacy and security law.” (p. 25) Nevertheless, they ask the ONC to remove its HIPAA-related clauses from meaningful use because HIPAA is already administered by the Office of Civil Rights (OCR). It’s reasonable to remove redundancy by keeping regulations under a single agency, but the AHA admits that the OCR proposal itself is “significantly flawed.” Their staff explained to me that their goal is to wait for the next version of the OCR’s own proposal, which should be released soon, before creating a new requirement that could well be redundant or conflicting.

Unless we level the playing field for small providers, an enormous wave of buy-outs and consolidation will occur. Market forces and the push to form ACOs are already causing such consolidation. Maybe it’s even a good thing–who feels nostalgic for the corner grocery? But consolidation will make it even more important to empower patients with their data, in order to counterbalance the power of the health care institutions.

A closing note about hospital inertia

The AHA includes in its letter some valuable data about difficulties and costs of implementing new systems (pp. 47-48). They say, “More than one hospital executive has reported that managing the meaningful use implementation has been more challenging than building a new hospital, even while acknowledging the need to move ahead.” (p. 49)

What I find particularly troublesome about their report is that the AHA offers no hint that the hospitals spent all this money to put in place new workflows that could improve care. All the money went to EHRs and the minimal training and installation they require. What will it take for hospitals to make the culture changes that reap the potential benefits of EHRs and data transfers? The public needs to start asking tough questions, and the Stage 2 requirements should be robust enough to give these questions a basis.